Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Journey to GIFEE - Philly ETE 2016

Brandon Philips
May 31, 2016
Programming
0
77

Journey to GIFEE - Philly ETE 2016

Brandon Philips

May 31, 2016
Tweet

More Decks by Brandon Philips

See All by Brandon Philips
Node.js Workflow with Minikube and Skaffold
philips
0
210
Manage the App on Kubernetes
philips
0
300
Production Backbone Monitoring Containerized Apps
philips
0
100
KubeCon EU 2017: Dancing on the Edge of a Volcano
philips
1
540
rkt - KubeCon EU keynote - 2017
philips
1
230
FOSDEM_Keynote_2017-_.pdf
philips
0
75
Tectonic Summit Day 2 Keynote
philips
0
300
Kubernetes: Simple to Manage Anywhere (self-hosted, Tectonic upgrade demo)
philips
0
230
KubeCon Keynote 2016- Distributed Systems Simplified on Kubernetes
philips
2
510

Other Decks in Programming

See All in Programming
PHPはいつから死んでいるかの調査
chiroruxx
2
440
2 週間で Twitter Bot を作ってみた
contour_gara
0
820
Open standards for building event-driven applications in the cloud
meteatamel
0
190
slow types ってなんだろう?
karad
0
190
GitLab CI/CD で C#/WPFアプリケーションのテストとインストーラーのビルド・デプロイを自動化する
hacarus
0
520
WebGLで始める コンピュータグラフィックス入門
heller77
0
360
Open AI APIを使う前に知っておきたいアカウントTier の話
akki_megane
0
110
TSKaigi 2024 - 新サービス Progate Path の演習で TypeScript を採用して見えた教材観点からの利点と課題
makotoshimazu
1
110
TypeScriptでもLLMアプリケーション開発 / LLM Application In Typescript
rkaga
2
930
Kotlin Multiplatform at Stable and Beyond (Android Makers 2024)
zsmb
0
560
Tailwind CSSを本気でカスタマイズする方法
fsubal
15
5.6k
ペパボOpenTelemetry革命
pyama86
2
190

Featured

See All Featured
The Cost Of JavaScript in 2023
addyosmani
21
3.9k
The Straight Up "How To Draw Better" Workshop
denniskardys
228
130k
For a Future-Friendly Web
brad_frost
172
9k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
228
16k
Building Adaptive Systems
keathley
32
1.9k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
41
4.4k
Rebuilding a faster, lazier Slack
samanthasiow
74
8.3k
jQuery: Nuts, Bolts and Bling
dougneiner
60
7.2k
Visualization
eitanlees
137
14k
Faster Mobile Websites
deanohume
300
30k
The Language of Interfaces
destraynor
151
23k
Mobile First: as difficult as doing things right
swwweet
217
8.6k

Transcript

  1. Brandon Philips @brandonphilips | [email protected] The Journey to #GIFEE Intro

    to the Open Source

  2. Secure the Internet MISSION

  3. Separate Apps from OS STRATEGY

  4. Make Servers Consistent STRATEGY

  5. Tolerate Machine Failures STRATEGY

  6. Make Servers Easy to Upgrade STRATEGY

  7. Simplify Application Upgrades STRATEGY

  8. None
  9. None
  10. None
  11. None
  12. None
  13. None

  14. 3 Application packaging Clustering Linux at scale

  15. #GIFEE Borg/Omega Linux Chubby

  16. #GIFEE Borg/Omega Linux Chubby

  17. #GIFEE Borg/Omega Linux Chubby

  18. Avoid single points of failure Design for constant updates Consistent

    environment Why build #GIFEE?

  19. Why build #GIFEE? Design for constant updates

  20. Application Packaging 1

  21. Abstract away app from the OS OS App

  22. None
  23. None

  24. Base software managed by CoreOS kernel systemd OpenSSH

  25. Protect apps from each other Isolated network namespace Isolated file

    system namespace Mixed versions of dependencies eg. python 3.4 & python 2.7

  26. $ sudo rkt run coreos.com/etcd:v2.0.0 $ sudo rkt run coreos.com/etcd:v2.0.0

    \ --cpu=750m --memory=128M $ sudo rkt run --net=host coreos.com/etcd:v2.0.0 rkt run

  27. Search container metadata Identify vulnerabilities Explain update actions Clair container

    security auditing

  28. After scanning millions of containers we found that over 80%

    still had Heartbleed 80% Clair container security auditing
  29. None

  30. In-Progress Universal Container Format Packaged Downloaded Verified

  31. Linux at Scale 2

  32. Patches to the OS and kernel are hard Retest after

    updates No automation SECURITY Dependency breakage Uptime risk APPLICATION
  33. None

  34. Auto-updating browsers fixed security We got HTML5 at the same

    time

  35. Atomic operating system updates

  36. Atomic operating system updates

  37. Clustering 3

  38. Patches to the OS and kernel are hard Retest after

    updates No automation SECURITY Dependency breakage Uptime risk APPLICATION

  39. Patches to the OS and kernel are hard No automation

    SECURITY Uptime risk APPLICATION

  40. Operations Paradise Easy scale out Painless app upgrades Tolerant of

    machine failure

  41. App Req/sec: 6,000 App Healthy: True

  42. App Req/sec: 6,000 App Healthy: True

  43. App Req/sec: 7,000 App Healthy: True

  44. App Req/sec: 8,000 App Healthy: True

  45. App Req/sec: 7,000 App Healthy: True

  46. App Req/sec: 6,000 App Healthy: True

  47. App Req/sec: 8,000 App Healthy: True

  48. App Req/sec: 7,000 App Healthy: True

  49. App Req/sec: 8,000 App Healthy: True

  50. App Req/sec: 8,000 App Healthy: True

  51. App Req/sec: 8,000 App Healthy: True

  52. When do you need cluster coordination? Leader election Cluster-wide Semaphores

    Service discovery Dynamic configuration

  53. Hard Computer Science Problem ?

  54. Hard Computer Science Problem Chubby

  55. A highly-available key value store for shared configuration and service

    discovery
  56. None
  57. None
  58. None
  59. None
  60. None
  61. None
  62. None

  63. No existing “cloud native” solutions Simple HTTP + JSON APIs

    Dynamic reconfiguration Why build etcd?

  64. Simple key/value “Distributed etc” Keys are versioned Changes can be

    watch

  65. Cluster-wide reboot lock - locksmith Service discovery - vulcand, skydns

    Cluster orchestration - k8s, cloud foundry

  66. Industry Adoption 500+ projects on Github

  67. When do you need cluster coordination? Leader election Cluster-wide Semaphores

    Service discovery Dynamic configuration

  68. Hard Computer Science Problem ?

  69. Hard Computer Science Problem Chubby

  70. A highly-available key value store for shared configuration and service

    discovery

  71. Kubernetes is our choice for orchestration platform

  72. App Req/sec: 8,000 App Healthy: True

  73. App Req/sec: 8,000 App Healthy: True

  74. App Req/sec: 8,000 App Healthy: True

  75. App Req/sec: 8,000 App Healthy: True

  76. Guides & Tools coreos.com/kubernetes kube-aws Cloud-configs

  77. Scheduler gets work to the servers

  78. $ scp app host:/opt $ ssh host systemd-run /opt/app

  79. $ scp app host:/opt $ ssh host systemd-run /opt/app

  80. $ fab deploy:app

  81. $ fab deploy:app

  82. $ fab deploy:app

  83. $ fab deploy:gpu-app

  84. $ fab deploy:gpu-app

  85. $ fab deploy:gpu-app

  86. Replication controllers drive the cluster to a desired state

  87. pod env=prod app=web pod env=prod app=web pod env=prod app=web rc

    web-prod select(env=prod,app=web) count=1

  88. pod env=prod app=web pod env=prod app=web pod env=prod app=web rc

    web-prod select(env=prod,app=web) count=1

  89. pod env=prod app=web rc web-prod select(env=prod,app=web) count=1

  90. pod env=prod app=web rc web-prod select(env=prod,app=web) count=5

  91. pod env=prod app=web pod env=prod app=web pod env=prod app=web pod

    env=prod app=web pod env=prod app=web rc web-prod select(env=prod,app=web) count=5

  92. Services find scheduled apps (pods) and load balance them

  93. pod env=dev app=web pod env=test app=web pod env=prod app=web

  94. pod env=dev app=web pod env=test app=web pod env=prod app=web service

    test.example.com select(env=dev,app=web) service beta.example.com select(env=test,app=web) OR select(env=prod,app=web) service example.com select(env=prod,app=web)

  95. pod env=test app=web pod env=prod app=web pod env=prod app=web pod

    env=dev app=web pod env=test app=web pod env=prod app=web service test.example.com select(env=dev,app=web) service beta.example.com select(env=test,app=web) OR select(env=prod,app=web) service example.com select(env=prod,app=web)

  96. pod app=foo,version=1 service foo.cluster.local select(app=foo)

  97. pod app=foo,version=1 pod app=foo,version=2 service foo.cluster.local select(app=foo)

  98. pod app=foo,version=1 pod app=foo,version=2 service foo.cluster.local select(app=foo)

  99. Upstream rktnetes Auth/OIDC Node self-signed TLS

  100. Scaling 15x scheduler performance 30k pods on 1k nodes SIG-scale

  101. 3 Application packaging Clustering Linux at scale

  102. Sounds good, but... Is anyone successful with all this in

    prod?

  103. Publically traded options exchange

  104. Containers on CoreOS are powering ISE's high- throughput, low-latency financial

    exchange Running in production Bare metal & AWS Billions of transactions a day 150 million req/sec
  105. None

  106. Secure the Internet MISSION

  107. Separate Apps from OS STRATEGY

  108. Make Servers Consistent STRATEGY

  109. Tolerate Machine Failures STRATEGY

  110. Make Servers Easy to Upgrade STRATEGY

  111. Simplify Application Upgrades STRATEGY

  112. None

  113. coreos.com/fest - @coreosfest May 9 & 10, 2016 - Berlin,

    Germany
  114. None

  115. Build, Store and Distribute your Containers quay.io

  116. Thank you! Brandon Philips @brandonphilips | [email protected] | coreos.com We’re

    hiring in all departments! Email: [email protected] Positions: coreos.com/ careers